From c8cfa96bf77a99328a6580127c59fd3d1884c415 Mon Sep 17 00:00:00 2001
From: teor <teor@riseup.net>
Date: Mon, 3 Oct 2022 11:58:35 +1000
Subject: [PATCH 1/6] Add latest and edge tags to Docker images

---
 .github/workflows/build-docker-image.yml | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml
index bff02f2351a..886f7827ffa 100644
--- a/.github/workflows/build-docker-image.yml
+++ b/.github/workflows/build-docker-image.yml
@@ -42,6 +42,9 @@ on:
         description: 'The image digest to be used on a caller workflow'
         value: ${{ jobs.build.outputs.image_digest }}
 
+env:
+  USE_DOCKERHUB: ${{ github.event_name == 'release' && !github.event.release.prerelease }}
+
 jobs:
   build:
     name: Build images
@@ -71,7 +74,7 @@ jobs:
           # list of Docker images to use as base name for tags
           images: |
             us-docker.pkg.dev/zealous-zebra/zebra/${{ inputs.image_name }}
-            zfnd/zebra,enable=${{ github.event_name == 'release' && !github.event.release.prerelease }}
+            zfnd/zebra,enable=${{ env.USE_DOCKERHUB }}
           # generate Docker tags based on the following events/attributes
           tags: |
             type=schedule
@@ -80,7 +83,15 @@ jobs:
             type=semver,pattern={{major}}
             type=ref,event=branch
             type=ref,event=pr
+            type=ref,event=tag
             type=sha
+            # set latest and edge tags for the default branch.
+            # latest is the most recently published image on the main branch.
+            # It is the default tag that Docker fetches.
+            type=raw,value=latest,enable={{is_default_branch}}
+            # edge is the latest commit on the default branch.
+            # We only have edge builds for `us-docker.pkg.dev`, because DockerHub doesn't keep up with every `main` branch commit.
+            type=edge,enable=${{ !env.USE_DOCKERHUB && is_default_branch }}
 
       # Setup Docker Buildx to allow use of docker cache layers from GH
       - name: Set up Docker Buildx
@@ -110,7 +121,7 @@ jobs:
       - name: Login to DockerHub
         # We only publish images to DockerHub if a release is not a pre-release
         # Ref: https://github.com/orgs/community/discussions/26281#discussioncomment-3251177
-        if: ${{ github.event_name == 'release' && !github.event.release.prerelease }}
+        if: ${{ env.USE_DOCKERHUB }}
         uses: docker/login-action@v2.0.0
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}

From 2912796f95b26b4bf87cde12d78fe0aea37f1a33 Mon Sep 17 00:00:00 2001
From: teor <teor@riseup.net>
Date: Tue, 4 Oct 2022 05:59:23 +1000
Subject: [PATCH 2/6] Document how latest tag actually works

---
 .github/workflows/build-docker-image.yml | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml
index 886f7827ffa..15862c0d926 100644
--- a/.github/workflows/build-docker-image.yml
+++ b/.github/workflows/build-docker-image.yml
@@ -78,17 +78,14 @@ jobs:
           # generate Docker tags based on the following events/attributes
           tags: |
             type=schedule
+            # semver and ref,tag automatically add a "latest" tag, but only on stable releases
             type=semver,pattern={{version}}
             type=semver,pattern={{major}}.{{minor}}
             type=semver,pattern={{major}}
+            type=ref,event=tag
             type=ref,event=branch
             type=ref,event=pr
-            type=ref,event=tag
             type=sha
-            # set latest and edge tags for the default branch.
-            # latest is the most recently published image on the main branch.
-            # It is the default tag that Docker fetches.
-            type=raw,value=latest,enable={{is_default_branch}}
             # edge is the latest commit on the default branch.
             # We only have edge builds for `us-docker.pkg.dev`, because DockerHub doesn't keep up with every `main` branch commit.
             type=edge,enable=${{ !env.USE_DOCKERHUB && is_default_branch }}

From c51c44215a57ae4307a7dacb26695f4f1d707efb Mon Sep 17 00:00:00 2001
From: teor <teor@riseup.net>
Date: Tue, 4 Oct 2022 16:27:19 +1000
Subject: [PATCH 3/6] Try a different syntax for is_default_branch

---
 .github/workflows/build-docker-image.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml
index 15862c0d926..5b058d11132 100644
--- a/.github/workflows/build-docker-image.yml
+++ b/.github/workflows/build-docker-image.yml
@@ -88,7 +88,7 @@ jobs:
             type=sha
             # edge is the latest commit on the default branch.
             # We only have edge builds for `us-docker.pkg.dev`, because DockerHub doesn't keep up with every `main` branch commit.
-            type=edge,enable=${{ !env.USE_DOCKERHUB && is_default_branch }}
+            type=edge,enable=${{ !env.USE_DOCKERHUB && {{is_default_branch}} }}
 
       # Setup Docker Buildx to allow use of docker cache layers from GH
       - name: Set up Docker Buildx

From e924d1b590acde9dc1a5078e4996073d454f916f Mon Sep 17 00:00:00 2001
From: teor <teor@riseup.net>
Date: Tue, 4 Oct 2022 16:30:16 +1000
Subject: [PATCH 4/6] Try again

---
 .github/workflows/build-docker-image.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml
index 5b058d11132..ba6320955a9 100644
--- a/.github/workflows/build-docker-image.yml
+++ b/.github/workflows/build-docker-image.yml
@@ -88,7 +88,7 @@ jobs:
             type=sha
             # edge is the latest commit on the default branch.
             # We only have edge builds for `us-docker.pkg.dev`, because DockerHub doesn't keep up with every `main` branch commit.
-            type=edge,enable=${{ !env.USE_DOCKERHUB && {{is_default_branch}} }}
+            type=edge,enable=${{ !env.USE_DOCKERHUB }} && {{is_default_branch}}
 
       # Setup Docker Buildx to allow use of docker cache layers from GH
       - name: Set up Docker Buildx

From 0cdee5226919876642a0b79d3912f442213c32c6 Mon Sep 17 00:00:00 2001
From: teor <teor@riseup.net>
Date: Tue, 4 Oct 2022 16:34:52 +1000
Subject: [PATCH 5/6] One last try

---
 .github/workflows/build-docker-image.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml
index ba6320955a9..79a5347054c 100644
--- a/.github/workflows/build-docker-image.yml
+++ b/.github/workflows/build-docker-image.yml
@@ -88,7 +88,7 @@ jobs:
             type=sha
             # edge is the latest commit on the default branch.
             # We only have edge builds for `us-docker.pkg.dev`, because DockerHub doesn't keep up with every `main` branch commit.
-            type=edge,enable=${{ !env.USE_DOCKERHUB }} && {{is_default_branch}}
+            type=edge,enable=${{ !env.USE_DOCKERHUB }},enable={{is_default_branch}}
 
       # Setup Docker Buildx to allow use of docker cache layers from GH
       - name: Set up Docker Buildx

From 83f22c9ab611b23336186efe48545f3628fdb192 Mon Sep 17 00:00:00 2001
From: teor <teor@riseup.net>
Date: Tue, 4 Oct 2022 16:44:32 +1000
Subject: [PATCH 6/6] Revert changes that don't work

---
 .github/workflows/build-docker-image.yml | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml
index 79a5347054c..14bd3d990a8 100644
--- a/.github/workflows/build-docker-image.yml
+++ b/.github/workflows/build-docker-image.yml
@@ -42,9 +42,6 @@ on:
         description: 'The image digest to be used on a caller workflow'
         value: ${{ jobs.build.outputs.image_digest }}
 
-env:
-  USE_DOCKERHUB: ${{ github.event_name == 'release' && !github.event.release.prerelease }}
-
 jobs:
   build:
     name: Build images
@@ -74,7 +71,7 @@ jobs:
           # list of Docker images to use as base name for tags
           images: |
             us-docker.pkg.dev/zealous-zebra/zebra/${{ inputs.image_name }}
-            zfnd/zebra,enable=${{ env.USE_DOCKERHUB }}
+            zfnd/zebra,enable=${{ github.event_name == 'release' && !github.event.release.prerelease }}
           # generate Docker tags based on the following events/attributes
           tags: |
             type=schedule
@@ -87,8 +84,8 @@ jobs:
             type=ref,event=pr
             type=sha
             # edge is the latest commit on the default branch.
-            # We only have edge builds for `us-docker.pkg.dev`, because DockerHub doesn't keep up with every `main` branch commit.
-            type=edge,enable=${{ !env.USE_DOCKERHUB }},enable={{is_default_branch}}
+            # TODO: We only want edge builds for `us-docker.pkg.dev`, because DockerHub doesn't keep up with every `main` branch commit.
+            type=edge,enable={{is_default_branch}}
 
       # Setup Docker Buildx to allow use of docker cache layers from GH
       - name: Set up Docker Buildx
@@ -118,7 +115,7 @@ jobs:
       - name: Login to DockerHub
         # We only publish images to DockerHub if a release is not a pre-release
         # Ref: https://github.com/orgs/community/discussions/26281#discussioncomment-3251177
-        if: ${{ env.USE_DOCKERHUB }}
+        if: ${{ github.event_name == 'release' && !github.event.release.prerelease }}
         uses: docker/login-action@v2.0.0
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}